Statement of Commissioner Christy Goldsmith Romero Regarding Holding Wall Street Accountable
For Widespread Use of Unauthorized Communications Platforms, like Whatsapp and Signal, to Evade Regulatory Oversight
September 27, 2022
I vote to approve the Commodity Futures Trading Commission’s (“CFTC”) enforcement actions that hold 11 Wall Street banks and other financial institutions accountable for senior executives, traders, and other employees’ widespread use of unauthorized communications methods — like encrypted messaging apps and private emails and texts — to avoid creating records and evade regulatory and bank oversight. These cases shut down and bring transparency and public accountability to Wall Street’s pervasive and evasive bank practices that jeopardize market integrity and violate the law. The CFTC is requiring all defendants to admit wrongdoing, pay historically high penalties for recordkeeping violations of the law (a combined $1.8 billion between CFTC and parallel Securities and Exchange Commission (“SEC”) cases), and fix internal policies and practices to ensure that both U.S. regulators and bank executives can prevent, detect, and correct unauthorized illegal communications.
By bringing these cases at the same time, and in parallel with the SEC, the Commission is sending a strong message to all that we regulate that we will not tolerate efforts to evade our regulatory oversight – oversight that these entities signed up for when they registered with the Commission.
Wall Street institutions do not get to keep regulators in the dark while enjoying all of the benefits of being a regulated entity in U.S. financial markets. Those choosing to participate in U.S. financial markets are on notice — The era of evasive communications practices is over. The CFTC will hold you accountable.
It’s time for Wall Street to stop waiting for an enforcement action before it changes its practices. Tone at the top must change on Wall Street. Change can only happen if the banks’ C-suite establishes a culture of compliance over evasion.”
– Commissioner Christy Goldsmith Romero
The illegal conduct impeded the CFTC’s ability to oversee markets and ensure compliance with laws that protect investors, promote market integrity, and serve other public interests. The illegal conduct also impeded the banks’ ability to supervise their employees and ensure that bank practices matched internal bank policies prohibiting these communication methods. The CFTC found significant unauthorized communication practices at the direction of senior executives, who knew they were violating bank policies but wanted to obfuscate communications surrounding trading. The conduct found serves as a red flag about Wall Street’s culture.
I. The widespread evasive use of unauthorized communications undermines law enforcement.
The CFTC is sending a zero-tolerance message that we will not allow Wall Street to undermine our law enforcement by obfuscating or deleting communications surrounding trading. As the CFTC was conducting important investigations related to market integrity, we found evidence that communications were moved offline to unauthorized communication methods going years back.
In one example, Bank of America employees used WhatsApp, with one trader writing, “We use WhatsApp all the time but we delete convos regularly.” The head of a trading desk routinely directed traders to delete messages on personal devices and to use Signal, including during the CFTC’s investigation. In another example, the CFTC found evidence of offline communications at Nomura, and Nomura traders then took efforts to obstruct the investigation. A trader deleted messages including WhatsApp after the CFTC sent a request to preserve documents. The deleted messages included incriminating statements about trading.
Disturbingly, in several instances, when the CFTC brought this illegal conduct to the bank’s attention, it was not taken seriously, and there were efforts to obstruct CFTC law enforcement.
II. Wall Street serves as the first line of defense against insider trading, market manipulation and other illegal behavior that undermines market integrity, which they cannot fulfill when they don’t have a “tone at the top” to stop the practice of using self-deleting, self-managed encrypted messaging apps that violate their own policies that implemented the law.
Wall Street financial institutions serve as the first line of defense for market integrity through policies and supervision designed to follow the law. When this breaks down, market integrity is on the line. A common theme among the cases is that tens of thousands of communications were intentionally meant to keep the bank’s internal compliance and regulators in the dark. Many private communications channels are encrypted end-to-end and leave no recoverable record for the bank’s supervision.
Another common theme is that the CFTC found senior executives — the very people responsible for keeping a bank’s house in order – who directed employees to use unauthorized communications channels and delete messages. Some executives even lied to the CFTC and SEC.
III. A broader message
It’s time for Wall Street to stop waiting for an enforcement action before they change their practices. The illegality that the CFTC found was disturbingly widespread, evasive, directed or sanctioned by senior bank executives, and a clear violation of the law and internal bank policies. It was well known within these banks that their internal policies were being flagrantly violated in practice. But no one stopped it. In the future as more time passes from these enforcement actions, and as there is adoption of new technologies and evolving means of private communication, I am concerned that there again will be a temptation for some to evade regulatory requirements and keep the CFTC in the dark.
Tone at the top dictates a bank’s culture and that tone must change on Wall Street. The tone at the top the CFTC found was one of evasion and obfuscation, to keep bank compliance and regulators in the dark. Change can only happen if the bank’s C-suite establishes a culture of compliance over evasion. It is far past time for the C-suite to step up.
 The 11 defendants are commonly known as Bank of America, Barclays, Cantor Fitzgerald, Credit Suisse, Deutsche Bank, Goldman Sachs, Jefferies, Morgan Stanley, Nomura, UBS, and Citibank.
 I recently called for more defendant admissions in CFTC settlements. See Statement by Commissioner Christy Goldsmith Romero: Proposal for Heightened Enforcement Accountability and Transparency in Settlements (Sept. 19, 2022), available at https://www.cftc.gov/PressRoom/SpeechesTestimony/romerostatement091922.
 The CFTC’s penalties are substantial—$711 million across the 11 banks—and supplement SEC penalties of similar magnitude, bringing total penalties to more than $1.8 billion. The fines individually dwarf the next largest penalties assessed for records-related violations.
 It is important to distinguish that the illegal conduct was not the occasional use of texting for convenience in the post-pandemic world. In fact, much of the illegal conduct occurred pre-pandemic.